SigmaHQ

mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-07 09:48:58 +00:00

Author	SHA1	Message	Date
$frack113$ frack113	5e5ac8479c	Add tlp and target Attribute	2021-08-11 14:26:20 +02:00
Florian Roth	c8d481fd83	Merge branch 'rule-devel' of https://github.com/SigmaHQ/sigma into rule-devel	2021-08-11 10:10:32 +02:00
Florian Roth	c1f9c33730	rule: SystemNightmare	2021-08-11 10:10:30 +02:00
Florian Roth	d9d1e2c578	Merge pull request #1823 from SigmaHQ/rule-devel rule: ProxyLogon rule for MS Exchange	2021-08-11 09:43:41 +02:00
phantinuss	62eca463ac	new rule LittleCorporal generated maldoc process injection	2021-08-11 09:25:23 +02:00
Thomas Patzke	3dea956812	Merge pull request #1789 from frack113/fix_issue_1771 add hash_normalise option for ElasticsearchWildcardHandlingMixin	2021-08-11 08:21:43 +02:00
$frack113$ frack113	63ead346e8	fix modified value	2021-08-10 19:09:34 +02:00
$frack113$ frack113	e43b917dab	fix space error	2021-08-10 17:35:32 +02:00
Florian Roth	73a4bd74dc	fix: FPs script exec from temp	2021-08-10 17:10:46 +02:00
$frack113$ frack113	3a3da5b376	Merge pull request #1826 from JonGalarneau/patch-1 Correcting regex in win_modif_of_services_for_via_commandline.yml	2021-08-10 16:23:29 +02:00
$frack113$ frack113	6d869feb43	update modified	2021-08-10 15:12:45 +02:00
Jon Galarneau	1544a351a3	Correcting regex in win_modif_of_services_for_via_commandline.yml The ^ symbol designates the beginning of the string, but in this rule it is clearly intended to be the end of the string.	2021-08-10 08:29:39 -04:00
$frack113$ frack113	e098cdf3a1	fix url ref	2021-08-10 11:07:28 +02:00
$frack113$ frack113	ce17f8e9e2	add test_selection_list_one_value warning only	2021-08-10 10:21:22 +02:00
Florian Roth	17c6fc7038	rule: ProxyLogon rule for MS Exchange	2021-08-10 09:16:30 +02:00
Florian Roth	17fb418271	Merge pull request #1817 from SigmaHQ/rule-devel rules: ProxyShell refactoring and new rule	2021-08-10 08:18:32 +02:00
$frack113$ frack113	89e3fb1d86	Merge pull request #1814 from austinsonger/azure_vpn_connection_modified_or_deleted.yml azure_vpn_connection_modified_or_deleted.yml	2021-08-10 06:36:46 +02:00
$frack113$ frack113	711619e90e	remove 'or' as not need	2021-08-10 06:28:35 +02:00
$frack113$ frack113	a1917b4247	Merge pull request #1813 from austinsonger/azure_virtual_network_modified_or_deleted.yml azure_virtual_network_modified_or_deleted.yml	2021-08-10 06:22:25 +02:00
$frack113$ frack113	f7d3f93907	Merge pull request #1807 from austinsonger/azure_network_security_modified_or_deleted.yml azure_network_security_modified_or_deleted.yml	2021-08-10 06:21:45 +02:00
$frack113$ frack113	9bd60c45c6	Merge pull request #1806 from austinsonger/azure_network_p2s_vpn_modified_or_deleted.yml azure_network_p2s_vpn_modified_or_deleted.yml	2021-08-10 06:21:19 +02:00
Austin Songer	a48fd2135e	Create gcp_kubernetes_secrets_modified_or_deleted.yml	2021-08-09 22:08:14 -05:00
Austin Songer	cc4b3d7d38	Delete gcp_kubernetes_secrets_modified_or_deleted.yml	2021-08-09 22:07:49 -05:00
Austin Songer	23d5ed9d23	Create gcp_kubernetes_secrets_modified_or_deleted.yml	2021-08-09 22:06:56 -05:00
Austin Songer	019bdaac90	Update gcp_kubernetes_rolebinding.yml	2021-08-09 22:05:46 -05:00
Austin Songer	4542ab9a14	Create gcp_kubernetes_rolebinding.yml	2021-08-09 22:01:16 -05:00
Austin Songer	fa54a38394	Update azure_virtual_network_modified_or_deleted.yml	2021-08-09 15:51:43 -05:00
Austin Songer	27441d7093	Update azure_network_p2s_vpn_modified_or_deleted.yml	2021-08-09 15:37:53 -05:00
Austin Songer	5b25f56964	Update azure_network_security_modified_or_deleted.yml	2021-08-09 15:36:30 -05:00
$frack113$ frack113	3a873f6e7a	Merge pull request #1811 from austinsonger/azure_firewall_modified_or_deleted.yml azure_firewall_modified_or_deleted.yml	2021-08-09 22:24:41 +02:00
$frack113$ frack113	51eab7f366	Merge pull request #1810 from austinsonger/azure_firewall_rule_collection_modified_or_deleted.yml azure_firewall_rule_collection_modified_or_deleted.yml	2021-08-09 22:23:06 +02:00
$frack113$ frack113	b4e6e0eab3	Merge pull request #1809 from austinsonger/azure_network_firewall_rule_modified_or_deleted.yml azure_network_firewall_rule_modified_or_deleted.yml	2021-08-09 22:21:04 +02:00
$frack113$ frack113	3b4d782135	Merge pull request #1812 from austinsonger/azure_dns_zone_modified_or_deleted.yml azure_dns_zone_modified_or_deleted.yml	2021-08-09 22:14:07 +02:00
$frack113$ frack113	ee777350ab	Merge pull request #1808 from austinsonger/azure_network_virtual_device_modified_or_deleted.yml azure_network_virtual_device_modified_or_deleted.yml	2021-08-09 22:11:28 +02:00
Austin Songer	1f1aa7c31f	Update azure_dns_zone_modified_or_deleted.yml	2021-08-09 14:38:15 -05:00
Austin Songer	b9026f2dfe	Update azure_dns_zone_modified_or_deleted.yml	2021-08-09 14:36:50 -05:00
Austin Songer	27ce557562	Update azure_virtual_network_modified_or_deleted.yml	2021-08-09 14:35:45 -05:00
Austin Songer	70e2bb06a2	Update azure_vpn_connection_modified_or_deleted.yml	2021-08-09 14:35:27 -05:00
Austin Songer	c3efcbe292	Update azure_network_virtual_device_modified_or_deleted.yml	2021-08-09 14:30:57 -05:00
$frack113$ frack113	78e0e570dd	Split PR 1802 builtin net rules	2021-08-09 20:23:35 +02:00
Florian Roth	dbf8aecd83	fix: typo in cmdlet name	2021-08-09 18:05:51 +02:00
Florian Roth	a9ad4eda4a	rules: ProxyShell refactoring and new rule	2021-08-09 17:57:34 +02:00
$frack113$ frack113	fc64b8b937	Split PR 1802 fix net rules	2021-08-09 17:23:15 +02:00
$frack113$ frack113	ed23f450ea	split PR 1802 fix rules	2021-08-09 15:41:40 +02:00
$frack113$ frack113	5df2706669	Merge pull request #1800 from austinsonger/azure_kubernetes_network_policy_change.yml azure_kubernetes_network_policy_change.yml	2021-08-09 10:57:55 +02:00
$frack113$ frack113	5cf01c5a05	Merge pull request #1799 from austinsonger/azure_kubernetes_sensitive_role_access.yml azure_kubernetes_role_access.yml	2021-08-09 10:29:27 +02:00
$frack113$ frack113	6b21a881ca	Merge pull request #1700 from heyibrahimkhan/patch-5 Create ala-azure-aws_cloudtrail.yml	2021-08-09 10:21:34 +02:00
$frack113$ frack113	30260e8bf7	formatting falsepositives	2021-08-09 10:07:26 +02:00
$frack113$ frack113	f63b4147ce	formatting falsepositives	2021-08-09 10:06:31 +02:00
$frack113$ frack113	68914879ee	Merge pull request #1798 from austinsonger/azure_kubernetes_cluster_created_or_deleted.yml azure_kubernetes_cluster_created_or_deleted.yml	2021-08-09 10:04:55 +02:00

... 2 3 4 5 6 ...

7268 Commits